[Freeipa-users] FreeIpa Server + NFSv4 Kerberos mount problem.

Alan Latteri alan at instinctualsoftware.com
Sun Oct 9 01:05:23 UTC 2016 

I think you problem is FreeNAS and not IPA itself.  In FreeNAS 10 they will have built in IPA functionality.
> On Oct 8, 2016, at 5:47 PM, Arthur Morales Sampaio <amostech at gmail.com> wrote:
> 
> Good morning, my name is Arthur and I am working on the integration of FreeIPA and NFSv4 mounting for home directory sharing for authenticated users.
> 
> This is the first time I am doing this so the problem could be simple. It's been already a week that I have been struggling with this and I don't know where else to ask for help. I have read pretty much everything that is to be read online regarding Freeipa integration.
> 
> Here is my scenario:
> - FreeIPA server 4.2.0 - Centos7
> - FreeNAS (NFSv4 server) 10 - FreeBSD (bundled with FreeNAS)
> - Client Ubuntu 16.04. Installed IPA client using ipa-client-install and imported LDAP credentials. Kerberos login is working properly I can log into the machines using IPA users. But can't mount NFS4 using sec=krb5 option.
> 
> I have a functional FreeIPA server with Kerberos authentication working properly. But I can't get NFSv4 authenticated to work in freeipa-clients. 
> 
> Following is the error that I am getting:
> 
> 
> 
> I know that this might not be enough detail for me to get help for this problem. But the thing is that I don't know how to enable a more verbosity functionality for this.
> 
> The desired behavior would be to create mounts for home directories of users and enable kerberos security to mount them. Meaning that I need only the owners to be able to mount them. 
> 
> This is something that is very confusing for me. Wouldn't I be required to somehow pass to the mount command the username or any credentials of the kerberos user just so the NFS server would know WHO is trying to mount the directory?
> 
> I really exhausted my resources in trying to fix this issue. 
> 
> Does FreeIPA work with NFSv4? 
> 
> I sincerely appreciate your help on this one.
> 
> Best regards,
> Arthur
> -- 
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20161008/6f68735d/attachment.htm>

More information about the Freeipa-users mailing list